Microsoft Corp. has warned thousands of its cloud customers that their databases may have been exposed to intruders, according to a report Thursday.
Reuters reported that Microsoft warned of a major flaw in its flagship Azure Cosmos DB database service, which could allow hackers to read, change or delete data. The vulnerability was discovered by cybersecurity company Wiz, whose chief technology officer used to be CTO for Microsoft’s cloud security unit. Microsoft agreed to pay Wiz $40,000 for reporting the flaw, Reuters reported, citing an email.
Reuters said it obtained the email Microsoft sent to its cloud customers, which reportedly said the vulnerability has been repaired and that there was no evidence it had been exploited.
The vulnerability centered on the security keys that control access to companies’ databases; Microsoft reportedly told thousands of its customers to create new keys, so that any keys hackers might have obtained would become useless.
After the Reuters report was published, Wiz published a blog post detailing how its researchers found the flaw.
“We were able to gain complete unrestricted access to the accounts and databases of several thousand Microsoft Azure customers, including many Fortune 500 companies,” Wiz security researchers Nir Ohfeld and Sagi Tzadik wrote.
They praised Microsoft for its quick response, noting the flaw was fixed within 48 hours of it being reported, but warned that not every Cosmos DB customer may have been notified about the vulnerability.
“We believe many more Cosmos DB customers may be at risk,” the Wiz researchers said. “Every Cosmos DB account that uses the notebook feature or that was created after February 2021 is potentially exposed. As a precaution, we urge every Cosmos DB customer to take steps to protect their information.”
Microsoft, whose software runs most of the world’s computers, is a frequent target of cybercriminals. Late last year, Microsoft said it was breached as part of the massive SolarWinds hack, and said hackers had viewed some of its source code. A hack of its Exchange email server software compromised tens of thousands of computers earlier this year.